/** @var bool Whether PHP session handling is enabled */
protected $enable = false;
+
+ /** @var bool */
protected $warn = true;
/** @var SessionManager|null */
// Close any auto-started session, before we replace it
session_write_close();
- // Tell PHP not to mess with cookies itself
- ini_set( 'session.use_cookies', 0 );
- ini_set( 'session.use_trans_sid', 0 );
+ try {
+ \Wikimedia\suppressWarnings();
+
+ // Tell PHP not to mess with cookies itself
+ ini_set( 'session.use_cookies', 0 );
+ ini_set( 'session.use_trans_sid', 0 );
- // T124510: Disable automatic PHP session related cache headers.
- // MediaWiki adds it's own headers and the default PHP behavior may
- // set headers such as 'Pragma: no-cache' that cause problems with
- // some user agents.
- session_cache_limiter( '' );
+ // T124510: Disable automatic PHP session related cache headers.
+ // MediaWiki adds it's own headers and the default PHP behavior may
+ // set headers such as 'Pragma: no-cache' that cause problems with
+ // some user agents.
+ session_cache_limiter( '' );
- // Also set a sane serialization handler
- \Wikimedia\PhpSessionSerializer::setSerializeHandler();
+ // Also set a sane serialization handler
+ \Wikimedia\PhpSessionSerializer::setSerializeHandler();
- // Register this as the save handler, and register an appropriate
- // shutdown function.
- session_set_save_handler( self::$instance, true );
+ // Register this as the save handler, and register an appropriate
+ // shutdown function.
+ session_set_save_handler( self::$instance, true );
+ } finally {
+ \Wikimedia\restoreWarnings();
+ }
}
/**
}
}
- /**
- * Workaround for PHP5 bug
- *
- * PHP5 has a bug in handling boolean return values for
- * SessionHandlerInterface methods, it expects 0 or -1 instead of true or
- * false. See <https://wiki.php.net/rfc/session.user.return-value>.
- *
- * PHP7 and HHVM are not affected.
- *
- * @todo When we drop support for Zend PHP 5, this can be removed.
- * @return bool|int
- * @codeCoverageIgnore
- */
- protected static function returnSuccess() {
- return defined( 'HHVM_VERSION' ) || version_compare( PHP_VERSION, '7.0.0', '>=' ) ? true : 0;
- }
-
- /**
- * Workaround for PHP5 bug
- * @see self::returnSuccess()
- * @return bool|int
- * @codeCoverageIgnore
- */
- protected static function returnFailure() {
- return defined( 'HHVM_VERSION' ) || version_compare( PHP_VERSION, '7.0.0', '>=' ) ? false : -1;
- }
-
/**
* Initialize the session (handler)
* @private For internal use only
* @param string $save_path Path used to store session files (ignored)
* @param string $session_name Session name (ignored)
- * @return bool|int Success (see self::returnSuccess())
+ * @return true
*/
public function open( $save_path, $session_name ) {
if ( self::$instance !== $this ) {
if ( !$this->enable ) {
throw new \BadMethodCallException( 'Attempt to use PHP session management' );
}
- return self::returnSuccess();
+ return true;
}
/**
* Close the session (handler)
* @private For internal use only
- * @return bool|int Success (see self::returnSuccess())
+ * @return true
*/
public function close() {
if ( self::$instance !== $this ) {
throw new \UnexpectedValueException( __METHOD__ . ': Wrong instance called!' );
}
$this->sessionFieldCache = [];
- return self::returnSuccess();
+ return true;
}
/**
* @param string $dataStr Session data. Not that you should ever call this
* directly, but note that this has the same issues with code injection
* via user-controlled data as does PHP's unserialize function.
- * @return bool|int Success (see self::returnSuccess())
+ * @return bool
*/
public function write( $id, $dataStr ) {
if ( self::$instance !== $this ) {
[
'session' => $id,
] );
- return self::returnSuccess();
+ return true;
}
// First, decode the string PHP handed us
$data = \Wikimedia\PhpSessionSerializer::decode( $dataStr );
if ( $data === null ) {
// @codeCoverageIgnoreStart
- return self::returnFailure();
+ return false;
// @codeCoverageIgnoreEnd
}
// Now merge the data into the Session object.
$changed = false;
- $cache = isset( $this->sessionFieldCache[$id] ) ? $this->sessionFieldCache[$id] : [];
+ $cache = $this->sessionFieldCache[$id] ?? [];
foreach ( $data as $key => $value ) {
if ( !array_key_exists( $key, $cache ) ) {
if ( $session->exists( $key ) ) {
$session->persist();
- return self::returnSuccess();
+ return true;
}
/**
* Destroy a session
* @private For internal use only
* @param string $id Session id
- * @return bool|int Success (see self::returnSuccess())
+ * @return true
*/
public function destroy( $id ) {
if ( self::$instance !== $this ) {
if ( $session ) {
$session->clear();
}
- return self::returnSuccess();
+ return true;
}
/**
* Execute garbage collection.
* @private For internal use only
* @param int $maxlifetime Maximum session life time (ignored)
- * @return bool|int Success (see self::returnSuccess())
+ * @return true
* @codeCoverageIgnore See T135576
*/
public function gc( $maxlifetime ) {
}
$before = date( 'YmdHis', time() );
$this->store->deleteObjectsExpiringBefore( $before );
- return self::returnSuccess();
+ return true;
}
}